Security Specialist - GRC (W/M/NB)

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin’s Creed, Rainbow Six to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you’re passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown!

JOB DESCRIPTION

Ubisoft is looking for an Information Security Specialist to join the Security & Risk Management teams, who aim to make Ubisoft fully resilient to risks and threats as an organization and to provide a safe and secure environment that enables teams to work efficiently toward achieving their objectives.

As part of GRC (Governance, Risk and Compliance) team, the role is mainly responsible for maintaining Ubisoft security policies and standards, while also contributing to Ubisoft regulatory compliance activities.

Your main responsibilities will include:

• Assessing gaps in existing cybersecurity policies and standards
• Work with security architects and subject‑matter experts to:
  • Create new cybersecurity policies and standards to be submitted for approval by executives and stakeholders
  • Review and recommend modifications/additions to existing policies and standards
• Maintaining a document repository where all cybersecurity‑related materials are published and stored
• Ensuring consistency between the various security policies, standards, procedures and guidelines
• Supporting Ubisoft's information security compliance program
• Participating to preparation efforts and response for external audits
• Communicating with internal teams

QUALIFICATIONS

Background

Significant experience as a cybersecurity consultant or security analyst is required for this position, preferably with:

• A specialization in GRC (governance, risk and compliance), or at least with an interest for regulatory‑related security topics
• Prior experience with crafting cybersecurity policies and procedures

Required Skills

• Good understanding of IT systems and security fundamentals
• Knowledge of the major European privacy and cybersecurity laws and regulations (RGPD, NIS2, CRA)
• Knowledge of at least one global security framework (such as ISO 27001, NIST CSF, NIST 800‑53, or CIS Controls standards)
• Excellent written and verbal communication skills
• Strong sense of formalism and great attention to detail

Nice to Have

• Prior experience in auditing organizational and/or technical security measures
• Prior experience with a GRC tool
• Prior experience in designing or implementing an IAM program
• Holding a CISM, CISSP, or CISA or ISO27001 Implementer/Auditor certification is considered a plus.

ADDITIONAL INFORMATION

Profit Sharing, yearly company saving plan. 25 paid time off + 12 additional paid days off. 50% of your Navigo pass is paid by the company, lunch vouchers (9€/day), healthcare for you and your family, and lots of Ubisoft additional perks. Our office is located in Saint Mandé, (Metro line 1, Saint Mandé station). Gym available in the building.

Additional Information

Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above.At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.

Check out this guide to help you with your application, and learn about our actions to encourage more diversity and inclusion.

FAQ

Can I submit an open application?

We do not accept open applications. You can find all our open positions by clicking on the ‘Search Jobs’ button. Check our careers page regularly if you don’t find the opportunity you are looking for this time.

How can I check my application status?

You can check the status of your application by logging into your SmartRecruiters candidate profile.

At Ubisoft, everyone is welcome! We know that by bringing together different perspectives and experiences, we create a more inclusive environment for our team members. You’ll get the chance to work with teams and projects that inspire and challenge you every single day.

How do I know if a Ubisoft email/offer is legit?

We were sorry to hear of some instances whereby scammers contacted candidates on Ubisoft’s “behalf” to gather personal data and/or money. We take this matter very seriously: not only do these actions put you at risk, they also jeopardize Ubisoft’s image.Click on the button below to read the detailed list of of things that Ubisoft, as a company, will never ask you for during your hiring process.